gentoo resync : 28.04.2018

author: V3n3RiX <venerix@redcorelinux.org> 2018-04-28 20:02:04 +0100
committer: V3n3RiX <venerix@redcorelinux.org> 2018-04-28 20:02:04 +0100
commit: a4e2a46beb5e4858ef27bdedbb0ff6d2ced430ad (patch)
tree: 852c90a4bf354c30ea66504f70bfab5401fba18d /sec-policy/selinux-base-policy
parent: 5e8702bcbbed438e6c6cce023e7ef0cc9baa3e02 (diff)
2 files changed, 124 insertions, 0 deletions
diff --git a/sec-policy/selinux-base-policy/Manifest b/sec-policy/selinux-base-policy/Manifest
index 0d6d0595ffc0..2e7e48b8c9fe 100644
--- a/sec-policy/selinux-base-policy/Manifest
+++ b/sec-policy/selinux-base-policy/Manifest
@@ -6,6 +6,7 @@ DIST patchbundle-selinux-base-policy-2.20170805-r2.tar.bz2 314854 BLAKE2B 483d04
 DIST patchbundle-selinux-base-policy-2.20170805-r3.tar.bz2 324834 BLAKE2B ecc3b0425987aa648b3dd52977a6e1fd987e605fe302c3b6d8742d3eac9a1c89697de1f97331e9863b132bb95814ae7577e161a024cdda297fb84458aa9417fd SHA512 62ec2e70397d06d464e95305a4c0699cc07063d879d986a74442955fb8076a00cbe4a4f7a3cda46876cbf2ad38189be06f0c05ce9698aadafa6e9f02a8daf668
 DIST patchbundle-selinux-base-policy-2.20170805-r4.tar.bz2 689641 BLAKE2B 1accfbecd4825a6cdb8c3c189c9e23898d1dbe8415d2fe26a842782dec634958f01861916a3c040740359562984718b61cee7af7d9395b125590931110e67eff SHA512 2067b090cd054e47d6496c9513d69a7a37a72de8dc873159a8055e27fe2380dc73006354d790c455ae893645f956c6be6d6ad2d30be7428ff8a442604a0c5400
 DIST patchbundle-selinux-base-policy-2.20180114-r1.tar.bz2 285245 BLAKE2B 32ff8fa3330aa1e17d6a2fc3c267e9c66d5f540fe4b7d1da8961cdc8e3c4a86e157db66e144c9cef13d52b85aa8a242e89ccf6e9c3ef455a7133bc448586d70f SHA512 5d5ce77b42e183d0b0241567bbe718622ab388cf9538193730c999da832f3ea7e4e9306f2b96cfbcfad01e6fcc834cf1d43b7b388a5a50242dd7f5ef3e252b42
+DIST patchbundle-selinux-base-policy-2.20180114-r2.tar.bz2 293604 BLAKE2B 4b301021a646431fe3a4431815ef66231e3436c7c5a4b02c4d52492a603ab58b54bfdbd589161779c4331f26f56ef6eac4c6f7d8dbc489410e41f7e3cedecff7 SHA512 bfb8e0fc852bc91c38ecdfb51823f5fa89f7e9021eae108648fa8b574cf8303d28cb74b0a6b6c0745576113e419e1f232131c3166a6da9b431aebd3de642f75d
 DIST refpolicy-2.20170204.tar.bz2 709965 BLAKE2B 7fb10d6054d74204f8c7d6d8ee88603f37b6600ed4a03e937a3a233ea7a80feef6ab90ba01af8d444fa79b266456260b14af3be0ad6a311baff6e3408af7d1ba SHA512 30deabb02a5bde51c463e3e89988d850cff51596c2e72733a064245dec152ea46317eea79550dbe82a7a0d327ec0bcfbd9474ff8a902507392df0da00df6397f
 DIST refpolicy-2.20170805.tar.bz2 740430 BLAKE2B 0597f51fceb5ca88b3506aa16cbd2d7f3df3a1d9c6afdf4cc5fc7eca25fa19c5810889f90ed1ee0abef401d41384558abb69f6638caf50341f71d075fa99e561 SHA512 dbb6809b028ae75296ad26d5997cc21d835c49555a0e37957cb39b36b144af6e817320073a29247448eba1876ab9e29d3956ff4456f1542b66ba38af459ec586
 DIST refpolicy-2.20180114.tar.bz2 743725 BLAKE2B f64fc08dd68033a1762e147a0f205d8d1b71853017cefe4252ca4ca67029d457f28d81a82ae4e78c01e6c2131e9329d0e5634afee12fb4b291685e7563d59107 SHA512 9acb15d1d84670b25d1fc310e048348f707aa22ea184828e677946817aeb6ee2c590233195ead13aa91c7096544d6d29dfb6e98297120ef9464fc6107ffc9ce7
@@ -17,5 +18,6 @@ EBUILD selinux-base-policy-2.20170805-r2.ebuild 3603 BLAKE2B 0d8294c8cec01620bc7
 EBUILD selinux-base-policy-2.20170805-r3.ebuild 3603 BLAKE2B 0d8294c8cec01620bc7f1c2ea6d957a8b05d109196322a8c482ed9d8c7f517e14329b13ac4762ffc5483bd207d81e75cb113ae29c39c1da4ca8c4b16fcdc919e SHA512 0057be4e522c0704ef4080751a94e445cf42d658cd8b1227eb0b1c7074de57010cd31b90dcb757a0f0ab6672b5b1a53341800142b11869dcffbede53e0e59282
 EBUILD selinux-base-policy-2.20170805-r4.ebuild 3605 BLAKE2B 4f27262143270f66d1dc3752647adc4c6b8285d1147e3cd6247f6783f10a7c0fa3d11a4cd5b085218fc18d46d73c832cf340787d9d30af2dec09e7e8fba34559 SHA512 bb23adb0d62440dabb05d44566eef538d4fc0c905eb2c5c9f7b1ce85ea6ee2ed5770e0cb986b9ce71930538570c478621fb5ec740e55f3a00c63e82fa1e2d1f7
 EBUILD selinux-base-policy-2.20180114-r1.ebuild 3603 BLAKE2B 0d8294c8cec01620bc7f1c2ea6d957a8b05d109196322a8c482ed9d8c7f517e14329b13ac4762ffc5483bd207d81e75cb113ae29c39c1da4ca8c4b16fcdc919e SHA512 0057be4e522c0704ef4080751a94e445cf42d658cd8b1227eb0b1c7074de57010cd31b90dcb757a0f0ab6672b5b1a53341800142b11869dcffbede53e0e59282
+EBUILD selinux-base-policy-2.20180114-r2.ebuild 3605 BLAKE2B 4f27262143270f66d1dc3752647adc4c6b8285d1147e3cd6247f6783f10a7c0fa3d11a4cd5b085218fc18d46d73c832cf340787d9d30af2dec09e7e8fba34559 SHA512 bb23adb0d62440dabb05d44566eef538d4fc0c905eb2c5c9f7b1ce85ea6ee2ed5770e0cb986b9ce71930538570c478621fb5ec740e55f3a00c63e82fa1e2d1f7
 EBUILD selinux-base-policy-9999.ebuild 3605 BLAKE2B 4f27262143270f66d1dc3752647adc4c6b8285d1147e3cd6247f6783f10a7c0fa3d11a4cd5b085218fc18d46d73c832cf340787d9d30af2dec09e7e8fba34559 SHA512 bb23adb0d62440dabb05d44566eef538d4fc0c905eb2c5c9f7b1ce85ea6ee2ed5770e0cb986b9ce71930538570c478621fb5ec740e55f3a00c63e82fa1e2d1f7
 MISC metadata.xml 534 BLAKE2B 1bb289204431150ae974c9fd677926faf72e75def3294b9df405a048e398ac3b6147de8483512487edaeea378e1dbd32df0675acb7fa50326c48382603c5dbfe SHA512 d8340bec9d0ec0feb396b17b53a6d53e3caa7ddd1efdc5e5de07baf86592ad0526d08fc08908295cf18a915eef1c7429c72970d56967162b2390eed6f28c822a
diff --git a/sec-policy/selinux-base-policy/selinux-base-policy-2.20180114-r2.ebuild b/sec-policy/selinux-base-policy/selinux-base-policy-2.20180114-r2.ebuild
new file mode 100644
index 000000000000..ffcbe80f607c
--- /dev/null
+++ b/sec-policy/selinux-base-policy/selinux-base-policy-2.20180114-r2.ebuild
@@ -0,0 +1,122 @@
+# Copyright 1999-2018 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI="6"
+
+if [[ ${PV} == 9999* ]]; then
+	EGIT_REPO_URI="${SELINUX_GIT_REPO:-https://anongit.gentoo.org/git/proj/hardened-refpolicy.git}"
+	EGIT_BRANCH="${SELINUX_GIT_BRANCH:-master}"
+	EGIT_CHECKOUT_DIR="${WORKDIR}/refpolicy"
+
+	inherit git-r3
+else
+	SRC_URI="https://raw.githubusercontent.com/wiki/TresysTechnology/refpolicy/files/refpolicy-${PV}.tar.bz2
+			https://dev.gentoo.org/~swift/patches/${PN}/patchbundle-${PN}-${PVR}.tar.bz2"
+	KEYWORDS="~amd64 -arm ~arm64 ~mips ~x86"
+fi
+
+HOMEPAGE="https://wiki.gentoo.org/wiki/Project:SELinux"
+DESCRIPTION="SELinux policy for core modules"
+
+IUSE="systemd +unconfined"
+
+PDEPEND="unconfined? ( sec-policy/selinux-unconfined )"
+DEPEND="=sec-policy/selinux-base-${PVR}[systemd?]"
+
+MODS="application authlogin bootloader clock consoletype cron dmesg fstools getty hostname hotplug init iptables libraries locallogin logging lvm miscfiles modutils mount mta netutils nscd portage raid rsync selinuxutil setrans ssh staff storage su sysadm sysnetwork tmpfiles udev userdomain usermanage unprivuser xdg"
+LICENSE="GPL-2"
+SLOT="0"
+S="${WORKDIR}/"
+
+# Code entirely copied from selinux-eclass (cannot inherit due to dependency on
+# itself), when reworked reinclude it. Only postinstall (where -b base.pp is
+# added) needs to remain then.
+
+pkg_setup() {
+	if use systemd; then
+		MODS="${MODS} systemd"
+	fi
+}
+
+pkg_pretend() {
+	for i in ${POLICY_TYPES}; do
+		if [[ "${i}" == "targeted" ]] && ! use unconfined; then
+			die "If you use POLICY_TYPES=targeted, then USE=unconfined is mandatory."
+		fi
+	done
+}
+
+src_prepare() {
+	local modfiles
+
+	if [[ ${PV} != 9999* ]]; then
+		einfo "Applying SELinux policy updates ... "
+		eapply -p0 "${WORKDIR}/0001-full-patch-against-stable-release.patch"
+	fi
+
+	eapply_user
+
+	# Collect only those files needed for this particular module
+	for i in ${MODS}; do
+		modfiles="$(find ${S}/refpolicy/policy/modules -iname $i.te) $modfiles"
+		modfiles="$(find ${S}/refpolicy/policy/modules -iname $i.fc) $modfiles"
+	done
+
+	for i in ${POLICY_TYPES}; do
+		mkdir "${S}"/${i} || die "Failed to create directory ${S}/${i}"
+		cp "${S}"/refpolicy/doc/Makefile.example "${S}"/${i}/Makefile \
+			|| die "Failed to copy Makefile.example to ${S}/${i}/Makefile"
+
+		cp ${modfiles} "${S}"/${i} \
+			|| die "Failed to copy the module files to ${S}/${i}"
+	done
+}
+
+src_compile() {
+	for i in ${POLICY_TYPES}; do
+		emake NAME=$i -C "${S}"/${i} || die "${i} compile failed"
+	done
+}
+
+src_install() {
+	local BASEDIR="/usr/share/selinux"
+
+	for i in ${POLICY_TYPES}; do
+		for j in ${MODS}; do
+			einfo "Installing ${i} ${j} policy package"
+			insinto ${BASEDIR}/${i}
+			doins "${S}"/${i}/${j}.pp || die "Failed to add ${j}.pp to ${i}"
+		done
+	done
+}
+
+pkg_postinst() {
+	# Override the command from the eclass, we need to load in base as well here
+	local COMMAND="-i base.pp"
+	if has_version "<sys-apps/policycoreutils-2.5"; then
+		COMMAND="-b base.pp"
+	fi
+
+	for i in ${MODS}; do
+		COMMAND="${COMMAND} -i ${i}.pp"
+	done
+
+	for i in ${POLICY_TYPES}; do
+		einfo "Inserting the following modules, with base, into the $i module store: ${MODS}"
+
+		cd /usr/share/selinux/${i}
+
+		semodule -s ${i} ${COMMAND}
+	done
+
+	# Relabel depending packages
+	local PKGSET="";
+	if [[ -x /usr/bin/qdepends ]] ; then
+		PKGSET=$(/usr/bin/qdepends -Cq -r -Q ${CATEGORY}/${PN} | grep -v 'sec-policy/selinux-');
+	elif [[ -x /usr/bin/equery ]] ; then
+		PKGSET=$(/usr/bin/equery -Cq depends ${CATEGORY}/${PN} | grep -v 'sec-policy/selinux-');
+	fi
+	if [[ -n "${PKGSET}" ]] ; then
+		rlpkg ${PKGSET};
+	fi
+}
author	V3n3RiX <venerix@redcorelinux.org>	2018-04-28 20:02:04 +0100
committer	V3n3RiX <venerix@redcorelinux.org>	2018-04-28 20:02:04 +0100
commit	a4e2a46beb5e4858ef27bdedbb0ff6d2ced430ad (patch)
tree	852c90a4bf354c30ea66504f70bfab5401fba18d /sec-policy/selinux-base-policy
parent	5e8702bcbbed438e6c6cce023e7ef0cc9baa3e02 (diff)